SSL connect attempt failed error:14161044:SSL routines:state_machine:internal error at myscript line 23
####
# Presumably the call reported in the error as "myscript line 23" (TODO confirm).
# The constructor shown on this page dies on a missing setting or a failed connect,
# so wrap this in eval/try if the script has to survive an unreachable server.
my $ldap=Company::LDAP->new();
####
# Path of the client configuration parsed by my_conf(). The secret is read from
# the sibling file whose name replaces the trailing ".conf" with ".secret".
my $conffile='/etc/ldap.conf';
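sub my_conf
{
    # Return the value stored under $key in the LDAP client configuration.
    #
    # The first call parses $conffile ("key value" per line, split on the first
    # run of whitespace) and reads the first line of the matching *.secret file
    # into the pseudo-key '.secret'. Later calls are served from the cache.
    # Returns undef for an unknown key; dies if either file cannot be opened.
    #
    # NOTE(review): the permissions of the secret file are not checked here. It
    # should be readable only by the account running this code.
    state %conf;
    my $key=shift;
    unless ($conf{'.read'}) {
        # Parse into a scratch hash so a die() half-way through (caught by a
        # caller's eval) does not leave a partial cache marked as loaded.
        my %loaded;
        open my $f,'<',$conffile or die "Can't open $conffile for reading: $!";
        # A lexical line variable keeps the caller's $_ intact.
        while (my $line=<$f>) {
            # Trim first, so indented comments and blank lines are skipped too
            # instead of being stored as keys.
            $line=~s/^\s+//;
            $line=~s/\s+$//;
            next if $line eq '';
            next if $line=~/^\#/;
            my ($k,$v)=split /\s+/,$line,2;
            warn "Duplicate key $k in $conffile line $.\n" if exists $loaded{$k};
            $loaded{$k}=$v;
        }
        close $f;
        my $fn=$conffile;
        $fn=~s/\.conf$/.secret/;
        open my $f2,'<',$fn or die "Can't open $fn for reading: $!";
        my $secret=<$f2>;
        # An empty secret file yields undef; do not chomp an undefined value.
        chomp $secret if defined $secret;
        close $f2;
        $loaded{'.secret'}=$secret;
        %conf=(%loaded,'.read'=>1);
    }
    return $conf{$key};
}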
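sub new
{
    # Connect to the directory server named by the 'uri' setting and, when the
    # configuration says "ssl start_tls", upgrade the connection with StartTLS.
    #
    # Dies if 'uri' is missing, if the connection cannot be established, or if
    # 'tls_cacertfile' is missing while StartTLS is requested. Returns the
    # connected object built by the parent class constructor.
    my $proto=shift;
    my $uri=URI->new(my_conf('uri') // die "Missing uri in $conffile\n");
    my $host=$uri->host();
    my %opts=(
        onerror => 'die',
        host => $host,
        scheme => $uri->scheme(),
        port => $uri->port(),
        timeout => my_conf('timelimit')//120,
        version => my_conf('ldap_version')//3,
        inet4 => 1,
        inet6 => 0,
    );
    my $ldap=$proto->SUPER::new($host,%opts) or die "Can't connect to $host: $@";
    if ((my_conf('ssl')//'') eq 'start_tls') {
        # Fetched in its own statement: "// die LIST" inside a list would
        # swallow the elements that follow it.
        my $cafile=my_conf('tls_cacertfile') // die "Missing tls_cacertfile in $conffile\n";
        my %tls=(
            # Require a certificate that chains to the configured CA. With
            # verify => 'none' the CA file is ignored and any host on the
            # network path can impersonate the server and read the bind.
            verify => 'require',
            cafile => $cafile,
            # No 'sslversion' pin: the TLS library negotiates the highest
            # version both sides support. Pinning 'tlsv1_1' forces a
            # deprecated protocol that current OpenSSL policies commonly
            # refuse, a likely cause of handshake errors.
        );
        $ldap->start_tls(%tls);
    }
    # NOTE(review): nothing is encrypted when 'ssl' is not start_tls, and an
    # ldaps:// uri gets no verify/cafile options here. Confirm the intent.
    return $ldap;
}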
####
base dc=company,dc=de
uri ldap://ldap.company.de/
ldap_version 3
rootbinddn cn=ldapadmin,dc=company,dc=de
timelimit 5
bind_timelimit 3
pam_password crypt
ssl start_tls
tls_cacertfile /etc/ssl/certs/company-cacert.pem